[Full-Disclosure] (no subject)

["Robin Landis" <rebl@xxxxxxxxxxxxx>]

-> The very same people are finding these big bugs. It is not like there are a 
whole ton of unexperienced people finding these bugs. These are the best. They 
are experts at finding them. They may not always be cognizant of this 
themselves, the act of finding them may not seem difficult to them, but it is 
-- and this is clearly shown by the fact that the same people keep finding 
these bugs.

I contend that the fact that the very same people are reporting bugs does not 
mean that they are the only ones finding them.  Nor does it mean that only an 
expert might find them.  Nor does it mean that all experts would be inclined to 
report them.

Using any operating system that is 1) not obcessed with backward compatibility 
to the point that old vulnerabilities are retained forever, and 2) does not 
force users and servers alike to run unnecessary applications, and 3) is 
deployed by a company that manages its software development lifecycle in a 
manner that ensures all the various programmers are applying security patches 
to all the various versions under development, would be a big improvement.  
Microsoft might someday become such a company....XP SP2 being a start.

And then you could look at how IE handles security zones...
Whether the new search tool will be another "built-in"...

Robin
-- 
_____________________________________________________________
Web-based SMS services available at http://www.operamail.com.
From your mailbox to local or overseas cell phones.

Powered by Outblaze

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html